Nigeria fingered in latest NAB phishing attack: WatchGuard

Powered by SC Magazine
 

Africa's broadband revolution threatens Western businesses.

A home PC in Lagos, Nigeria, connected by domestic broadband was likely responsible for a surge in malicious emails targeting NAB customers today.

Reputation websites that tracked the bona fides of millions of machines connected to the net reported the IP address responsible saw an 11-fold increase in malicious traffic over the past day.

NAB has been contacted for comment.

The zero-day threat from the probably infected Nigerian host, one of the top spammers against the bank, was exposed in a demonstration of emerging threats using WatchGuard's web-based reputation authority.

The security vendor's Australian senior sales engineer Gary Spiteri said spammers have become more efficient at targeting customers of financial institutions, reflected by the fact that fewer of their phishing emails bounced than when using scattergun approaches.

As Africa connected to broadband it was following the lead of Western countries such as the US and those in Eastern Europe in becoming a vector of attack.

click to view full size image

"I doubt that there's a National Australia (Bank) mail host in Nigeria," Spiteri said.

"Interestingly, 83.33 percent [of the Nigerian host's emails] was spam but it's a 100 percent good recipient list: no bounce backs, they've got a good, qualified list of spam targets and two blacklists have it and two of them don't.

"That's quite possibly an emergent threat.

"It's probably a PC on a conventional ADSL link and it's got some sort of bot on it.

"This is probably the source of a phishing outbreak."

Spiteri said good security practices lagged adoption of broadband adoption in Third World countries.

"Third World countries don't spend money on anti-virus, don't put network security in place, they have pirated copies of Windows, which means that security updates are turned off from Microsoft; so you'll get an increasing number of vulnerable operating systems on PCs that are then targets for more bots to be deployed on to them which then become generators of more of this type of spam."

Borderware bears fruit

The Australia and New Zealand manager for firewall vendor WatchGuard,  Scott Robertson, said reputation technology it bought in last August's marriage with Canadian security vendor Borderware would filter down from its high-end XCS class of devices to the XTM line within six months: "We're hoping for 90 days".

Robertson said the installed base of 10,000 Borderware appliances that collect intelligence about emerging threats would grow in this time to more than 600,000 once the switch was flipped on Watchguard devices.

Overnight, Watchguard launched appliances aimed at small and medium-sized organisations. The pictured XTM5 for organisations with up to 1500 users and the XTM2 for branches and businesses of up to 50 users were based on its Fireware operating system and blocked Skype, instant messaging, attacks over unified communications and VoIP, the company said.

Channel

Robertson said WatchGuard was ramping up its channel activities by:

  • launching a credit card rewards program,
  • tightening adherence to its certification program,
  • increased marketing,
  • emphasising its partner program that allowed resellers to let their customers "try before they buy"
  • and an annual trip to a tropical resort for "top performers".

"We can have more discussions with resellers about spam and content filtering and sell up into the high-end space" such as banks and financial institutions, he said.

click to view full size image


Nigeria fingered in latest NAB phishing attack: WatchGuard
 
 
 
Top Stories
Meet FABACUS, Westpac's first computer
GE225 operators celebrate gold anniversary.
 
NSW Govt gets ready to throw out the floppy disks
[Opinion] Dominic Perrottet says its time for government to catch up.
 
iiNet facing new copyright battle with Hollywood
Fighting to protect customer details.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  25%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  22%
 
End user computing (desktops, mobiles, apps)
  15%
 
Software development
  26%
TOTAL VOTES: 327

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  56%
 
No
  44%
TOTAL VOTES: 135

Vote